How the US can kick Russia in their hacking balls
It's been nearly a year since US intelligence agencies accused top Russian officials of authorizing hacks on voting systems in the US's 2016 presidential election, and mounting evidence suggests that the US has not fought back against the hacks as strongly as possible.
But attributing and responding to cyber crimes can be difficult, as it can take "months, if not years" before even discovering the attack according Ken Geers, a cyber-security expert for Comodo with experience in the NSA.
Even after finding and attributing an attack, experts may disagree over how best to deter Russia from conducting more attacks.
But should President Donald Trump "make the call" that Russia is to blame and must be retaliated against, Geers told Business Insider an out-of-the-box idea for how to retaliate.
"It's been suggested that we could give Russia strong encryption or pro-democracy tools that the FSB [the Federal Security Service, Russia's equivalent of the FBI] can't read or can't break," said Geers.
In Russia, Putin's autocratic government strictly controls access to the internet and monitors the communications of its citizens, allowing it suppress negative stories and flood media with pro-regime propaganda.
If the US provided Russians with tools to communicate secretly and effectively, new, unmonitored information could flow freely and Russians wouldn't have to fear speaking honestly about their government.
The move would be attractive because it is "asymmetric," meaning that Russia could not retaliate in turn, according to Geers. In the US, the government does not control communications, and Americans are already free to say whatever they want about the government.
"What if we flooded the Russian market with unbreakable encryption tools for free downloads?," Geers continued. "That would really make them angry and annoy them. It would put the question back to them, 'what are you going to do about it?'"
To accomplish this, the NSA could spend time "fingerprinting" or studying RUNET, the Russian version of the internet, according to Geers. The NSA would study the challenges Russia has with censorship, how it polices and monitor communications, and then develop a "fool-proof" tool with user manuals in Russian and drop it into the Russian market with free downloads as a "big surprise," he added.
"You're just trying to figure out how to kick them in the balls," Geers said of the possible tactic. "But they'd probably figure out how to defeat it in time."
Geers acknowledged that such a move could elicit a dangerous response from Russia, but, without killing or even hurting anyone, it's unclear how Russia could escalate the conflict.
As it stands, it appears that Russian hacking attempts have continued even after former president Barack Obama expelled Russian diplomats from the US in retaliation last year. Cyber-security experts attribute a series of recent intrusions into US nuclear power plants to Russia.
Taking bold action, as Geers suggests, would leave Russia scrambling to attribute the attack to the US without clear evidence, while putting out fires from a newly empowered public inquiry into its dealings.
The ball would be in Russia's court, so to speak, and they might think twice about hacking the US election next time.